npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@syntropy/token-manager

v2.0.5

Published

JWT token manager

Downloads

6

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

compwrightcompwrightjustin-syntropyjustin-syntropy

Keywords

Readme

token-manager

A JWT token management library for browser clients

Features:

  • Supports multiple token stores (local storage, session storage, URL hash, failover wrapper)
  • Bundled AngularJS module (for Angular 1.x)
  • Extensible via event listeners, middleware, and decorators

Usage

To install:

npm install --save token-manager

To use with a module bundler (webpack, etc):

var tokenManagerModule = require('token-manager');
angular.module('myApp', [ tokenManagerModule.name ]);

To use directly in-browser, see dist/token-manager.bundle.js.

TokenManager class

Events

TokenManager is an event emitter. See tiny-emitter for detailed documentation on how to bind to or trigger events.

auth

Fires whenever a new token is set. The token value is passed as the first argument.

expiring

Fires shortly before the token expires. The token value is passed as the first argument.

Configure the amount of time before expiration using the expirationWarning option when constructing the instance.

expired

Fires when the token expires. The token value is passed as the first argument.

error

Fires on error. The token value is passed as the first argument.

Methods

constructor(store, options = {})

  • store - an instance of TokenStore
  • options - a configuration object
    • expirationWarning - time in ms before token expiration to fire the expiring event. If not set, or zero, the event will not fire.
    • logger - instance of a logger, such as console or $log.

get()

Returns the current token from the token store.

auth(newToken)

Sets a new token. If any expiration timers are running they will be reset for the new token.

Fires the auth event when successful, or the error event when unsuccessful.

reset()

Resets the token manager state, stops all timers, and removes the token from the token store.

use(middlewareFn)

Add a middleware function (or array of functions) that is to be run on the token prior to setting it.

Middleware should have the following signature:

middleware(token, next(err, newToken))

Inside the function, call next(err) on error, and next() or next(null, newToken) when done. If newToken is passed, it will replace the token that is provided in subsequent middleware.

on(event, callback(...args))

Add a listener for an event.

once(event, callback(...args))

Add a one-time listener for an event.

off(event[, callback])

Remove a listener for an event. If no callback function is passed, removes all listeners for that event.

emit(event[, ...args])

Fire a custom event with one or more arguments.

keepAliveDecorator(manager, renewFn)

Decorates a token manager instance by exposing a keepAlive() method and binding to the 'expiring' event, so that if there has been recent activity (via keepAlive()), calls the renewFn to renew the token.

exchangeMiddleware(whenFn, settings = {})

Token middleware to detect when an authorization token should be exchanged for an access token (or some other similar token exchange scenario).

Uses fetch to make the token exchange. (You will probably need to polyfill.)

  • whenFn(token) - a function that will receive the token as an argument, and returns true if the token should be exchanged.
  • settings - a configuration object
    • url (required) - URL to call
    • method='POST' - HTTP verb to use
    • headers={'Authorization': 'Bearer ' + token} - HTTP headers to use

The exchanged token is then returned by the middleware to the auth() method.

TokenStore class

TokenManager relies on token stores that follow a specific interface. Custom token stores should extend this class.

Methods

constructor(store, key)

  • store - the storage layer for storing the tokens. By default, TokenStore expects an object or object-like interface.
  • key - the key in the store to use to store the token.

get()

Get the current token value from the store.

set(token)

Set a new token in the store.

remove()

Remove the token from the store.

AngularJS module

tokenManager service

Composes TokenManager, TokenStore, keepAliveDecorator, and exchangeMiddleware into a single AngularJS service.

Service configuration can be managed in a config() block via the tokenManagerProvider (see below).

getInstance()

Returns the wrapped TokenManager instance.

initialize()

Gets the current token from the token store, and then calls TokenManager.auth() using that initial token and returns a promise that will resolve to the token value.

getToken()

Alias for TokenManager.get().

getTokenPromise()

Just like getToken(), but returns a promise.

getClaims()

Returns the decoded version of the current token.

getClaimsPromise()

Just like getClaims(), but returns a promise.

setToken(token)

Alias for TokenManager.auth(), but with the following differences:

  • If token is empty, calls TokenManager.reset() instead
  • If token is invalid, calls TokenManager.reset() instead

logout()

Alias for TokenManager.reset().

keepAlive()

Updates the last activity timestamp. See the keepAliveDecorator above for details.

renew()

Force an immediate token refresh by calling the keepAliveDecorator's renewFn and returning the resulting promise.

tokenManager provider

config(options)

Configures the tokenManager service in a config() block.

Options:

  • authorizeUrl="/auth" - URL to use when exchanging tokens
  • refreshUrl="/renew" - URL to use to get a new token when the old one is expiring
  • tokenTypeClaim="type" - JWT claim to read to determine if the token should be exchanged
  • tokenAuthValue="auth" - JWT claim value when the token should be exchanged
  • tokenTypeProvider=() => function(claims) - A higher order function that returns a function to check whether the token should be exchanged or not. Use this if tokenTypeClaim and tokenAuthValue are not sufficient to determine when to exchange the token
  • persistenceStrategy="urlPersistenceStrategy" - The token store to use
  • persistenceStrategyProvider=function - An injectable that returns the desired token store
  • autoRefresh=60*1000 - How long (in milliseconds) before token expiration to fire the expiring event and attempt renewal
  • autoRefreshSession - How recent (in milliseconds) the most recent activity from the user must be before attempting to refresh the token

urlTokenStore service

TokenStore instance that uses $location to persist the token in the URL hash.

urlTokenStore provider

urlTokenStore may be configured in a config() block using the provider.

config(options = {})

Options:

  • persistenceKey="token" - The token key to use in the token store.
  • persistenceKey=function() - A function that returns the desired persistenceKey value.

localStorageTokenStore service

TokenStore instance that uses $localStorage to persist the token in local storage.

Requires ngstorage or compatible.

localStorageTokenStore provider

localStorageTokenStore may be configured in a config() block using the provider.

config(options = {})

Options:

  • persistenceKey="token" - The token key to use in the token store.
  • persistenceKey=function() - A function that returns the desired persistenceKey value.

sessionStorageTokenStore service

TokenStore instance that uses $sessionStorage to persist the token in local storage.

Requires ngstorage or compatible.

sessionStorageTokenStore provider

sessionStorageTokenStore may be configured in a config() block using the provider.

config(options = {})

Options:

  • persistenceKey="token" - The token key to use in the token store.
  • persistenceKey=function() - A function that returns the desired persistenceKey value.

failoverTokenStore service

TokenStore that composes one or more read TokenStore instances and one or more write TokenStore instances together such that if the first one fails, it will retry against the second, and so on.

failoverTokenStore provider

failoverTokenStore may be configured in a config() block using the provider.

config(options = {})

Options:

  • read=[] - an array of one or more *TokenStore services to attempt to read from
  • write=[] - an array of one or more *TokenStore services to attempt to write to